[strongSwan] About the example host2host-cert!
andreas.steffen at strongswan.org
Tue Jan 11 04:16:00 CET 2011
it seems that the other end is not reachable on IKE UDP port 500. If you
didn't start iptables then this port shouldn't be blocked. I rather
suspect that the IKE daemon on the other end is either not running
or not configured for the same IKE version (IKEv1 versus IKEv2).
On 11.01.2011 02:49, wenrongbupt wrote:
> Hi all,
> I configure the ipsec.conf according this url：http://www.strongswan.org
> But everytime I run ipsec up host-host,the output is the packet
> retransmit five times，then said establishing IKE_SA failed，peer not
> I guess that the reason is I didn't configure iptables and didn't run
> /etc/init.d/iptables.I hadn't found the iptables in the dir /etc/init.d.
> I use ubuntu 9.04.
> I want to know how to configure iptables(the result same as
> ) and the purpose of /etc/init.d/iptables?
> Thank you very much for your reply.
> Best Regards
Andreas Steffen andreas.steffen at strongswan.org
strongSwan - the Linux VPN Solution! www.strongswan.org
Institute for Internet Technologies and Applications
University of Applied Sciences Rapperswil
CH-8640 Rapperswil (Switzerland)
More information about the Users